
Unblocking FTPS ports on iptables?


nvemb3r


Hello,

I'm having issues trying to unblock ports 989 and 990 on iptables. I'm able to connect to my vsftpd service with plain FTP (not what I'm comfortable with), and I've been able to unblock ports for other services I use (Apache, OpenSSH, etc.). Every time I do a port scan, those two ports never come up.

I don't know if I screwed up iptables, or if I screwed up my daemon. Or both.


You can use TLS over standard 20,21 for FTPS, or, 22 and just use scp, which I find better than using secure FTP in my opinion. Only one port needed and secured via your SSH settings.


Sorry for getting back to you late.

Accessing FTPS over port 21 instead of port 990 worked. I've had issues with iptables and the config file that I didn't notice before. :)

Changes to vsftpd.conf:

# Certificate and key locations
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.key

# Turn on SSL
ssl_enable=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
ssl_ciphers=HIGH

# Enable Implicit SSL
implicit_ssl=YES
pasv_enable=YES
pasv_min_port=15000
pasv_max_port=16000
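
An added example, not part of the original posts: a small POSIX shell check that reads a vsftpd.conf like the one above, prints the iptables rules it implies, and warns about settings worth revisiting. It relies on two vsftpd facts: `implicit_ssl=YES` does not move the listener off port 21 unless `listen_port` is set, and `ssl_sslv2`/`ssl_sslv3` switch on obsolete protocols. The function names, the `INPUT` chain and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): firewall plan and warnings from vsftpd.conf.

# conf_get FILE KEY DEFAULT: last value of KEY in FILE, else DEFAULT.
conf_get() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1)
    printf '%s\n' "${v:-$3}"
}

# vsftpd_fw_plan FILE: print iptables rules (INPUT chain assumed) and WARN lines.
vsftpd_fw_plan() {
    port=$(conf_get "$1" listen_port 21)   # vsftpd listens on 21 unless told otherwise
    lo=$(conf_get "$1" pasv_min_port 0)
    hi=$(conf_get "$1" pasv_max_port 0)
    echo "iptables -A INPUT -p tcp --dport $port -j ACCEPT"
    if [ "$(conf_get "$1" pasv_enable YES)" = YES ]; then
        if [ "$lo" -gt 0 ] && [ "$hi" -ge "$lo" ]; then
            # The control channel is encrypted, so the conntrack FTP helper cannot
            # read PASV replies; the data range has to be opened explicitly.
            echo "iptables -A INPUT -p tcp --dport $lo:$hi -j ACCEPT"
        else
            echo "WARN: no pasv_min_port/pasv_max_port; passive data ports are unpredictable"
        fi
    fi
    if [ "$(conf_get "$1" implicit_ssl NO)" = YES ] && [ "$port" != 990 ]; then
        echo "WARN: implicit_ssl=YES on port $port; add listen_port=990 to serve implicit FTPS on 990"
    fi
    for proto in ssl_sslv2 ssl_sslv3; do
        if [ "$(conf_get "$1" "$proto" NO)" = YES ]; then
            echo "WARN: $proto=YES enables an obsolete protocol; set $proto=NO"
        fi
    done
}

# Constructed sample mirroring the settings posted above.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
ssl_enable=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
implicit_ssl=YES
pasv_enable=YES
pasv_min_port=15000
pasv_max_port=16000
EOF
vsftpd_fw_plan "$SAMPLE"
```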
